]> git.saurik.com Git - apple/ipsec.git/blob - ipsec-tools/setkey/scriptdump.pl
ipsec-332.100.1.tar.gz
[apple/ipsec.git] / ipsec-tools / setkey / scriptdump.pl
1 #! @LOCALPREFIX@/bin/perl
2
3 if ($< != 0) {
4 print STDERR "must be root to invoke this\n";
5 exit 1;
6 }
7
8 $mode = 'add';
9 while ($i = shift @ARGV) {
10 if ($i eq '-d') {
11 $mode = 'delete';
12 } else {
13 print STDERR "usage: scriptdump [-d]\n";
14 exit 1;
15 }
16 }
17
18 open(IN, "setkey -D |") || die;
19 foreach $_ (<IN>) {
20 if (/^[^\t]/) {
21 ($src, $dst) = split(/\s+/, $_);
22 } elsif (/^\t(esp|ah) mode=(\S+) spi=(\d+).*reqid=(\d+)/) {
23 ($proto, $ipsecmode, $spi, $reqid) = ($1, $2, $3, $4);
24 } elsif (/^\tE: (\S+) (.*)/) {
25 $ealgo = $1;
26 $ekey = $2;
27 $ekey =~ s/\s//g;
28 $ekey =~ s/^/0x/g;
29 } elsif (/^\tA: (\S+) (.*)/) {
30 $aalgo = $1;
31 $akey = $2;
32 $akey =~ s/\s//g;
33 $akey =~ s/^/0x/g;
34 } elsif (/^\tseq=(0x\d+) replay=(\d+) flags=(0x\d+) state=/) {
35 print "$mode $src $dst $proto $spi";
36 $replay = $2;
37 print " -u $reqid" if $reqid;
38 if ($mode eq 'add') {
39 print " -m $ipsecmode -r $replay" if $replay;
40 if ($proto eq 'esp') {
41 print " -E $ealgo $ekey" if $ealgo;
42 print " -A $aalgo $akey" if $aalgo;
43 } elsif ($proto eq 'ah') {
44 print " -A $aalgo $akey" if $aalgo;
45 }
46 }
47 print ";\n";
48
49 $src = $dst = $upper = $proxy = '';
50 $ealgo = $ekey = $aalgo = $akey = '';
51 }
52 }
53 close(IN);
54
55 exit 0;